[Project_owners] Disabling downloads from within mozilla

Pete Collins pete at mozdev.org
Tue Dec 2 09:22:03 EST 2003


> PC> You can certainly do this and from js code.
> 
> But it is better to configure file permissions so users simply can't
> do anything. If user wants to do something - he will find a way -
> install malisious extension, for example (the only thing required is a
> mouse).

If you are on a permission based system like Linux. Sure. But some 
xpinstall will allow a package to be installed in the moz_user dir.

It seems you should lock down the specific file types you will permit or 
sandbox url's to a fixed domain list. Techniques like this are used all 
the time for kiosks.

--pete

-- 
Pete Collins
www.mozdev.org
www.mozdevgroup.com



More information about the Project_owners mailing list